Manuel Kasper has announced the release of m0n0wall 1.8.1, a small FreeBSD-based operating system designed specifically for firewalls: "m0n0wall 1.8.1 released. In m0n0wall 1.8.1, the base system has been switched to FreeBSD 8.4 for better support of recent hardware, and there have been significant improvements, new features and bug fixes in many areas. Change log highlights: add scheduler (Croen) service with many different job types (enable and disable interface or shaper rule, Wake on LAN, reboot, reconnect WAN, execute command); improved IPv6 support, including IPsec, DHCPv6-PD, RDNSS and DNSSL and NDP info on the ARP diagnostic page; major overhaul of wireless LAN support, with some cards, it is now also possible to create multiple APs at the same time; DNS forwarder: add option to log DNS queries, add aliases (CNAMEs) and MXs; make rule moving and deletion on shaper rules page work like for firewall rules; initial support for USB modems...." Continue to the project's download page to read the full list of new features. Download: generic-pc-1.8.1.iso (23.4MB, SHA256).

Manuel Kasper has announced the release of m0n0wall 1.34, a tiny FreeBSD-based operating system for firewalls: "m0n0wall 1.34 released. m0n0wall 1.34 is a maintenance release with low-priority security fixes for CSRF/XSS issues in the webGUI. Changes in this release: eliminate modifying GETs from webGUI pages; make rule moving and deletion on shaper rules page work like for firewall rules; add csrf-magic for CSRF protection in webGUI; fix potential XSS in diag_ping.php and diag_traceroute.php; increase key size of auto-generated webGUI certificates to 2,048 bits; update default webGUI certificate/key; remove domain name handling from dhclient-script and change ARP command not to use sed (not used/available in m0n0wall); change virtualHW version to 7 for VMWare image to avoid errors in ESX 4." Visit the project's download page to read the full changelog. Download from here: cdrom-1.34.iso (17.8MB, SHA256).

Manuel Kasper has announced the release of m0n0wall 1.33, a tiny FreeBSD-based operating system for firewalls: "m0n0wall 1.33 released. m0n0wall 1.33 adds a new image type for generic PCs with a serial console, further improves IPv6 support, includes a driver for newer Realtek network chipsets and contains various small changes and bug fixes. Changelog: updated ipfilter to 4.1.33; inbound NAT rules can now be added on the LAN interface with the WAN address as a target, this helps with accessing servers on an optional interface from the LAN interface by using m0n0wall's WAN IP address; IPv6 improvements; modified 'disable port mapping' option so that it will actually avoid port mapping whenever possible, but fall back to port mapping if another mapping for the same port already exists; added support for user-customizable captive portal logout and status page...." Visit the project's download page to read the full changelog. Download: cdrom-1.33.iso (17.8MB, SHA256).

Manuel Kasper has released a second beta build of m0n0wall 1.33, a tiny FreeBSD-based operating system for firewalls: "m0n0wall 1.33b2 released. This beta version introduces a new image type for generic PCs with a forced serial console, corrects driver issues with some Realtek network cards and fixes two small bugs in DHCP 6 handling and the captive portal. Changelog: a new image type 'generic-pc-serial' has been added, the only difference to generic-pc is that it always uses the serial console; reintroduced original FreeBSD if_re driver (to fix missing support for 8139C+) and added Realtek patched driver under a new name (if_rg) with lower priority to ensure that the Realtek patched driver is only used if the stock FreeBSD if_re/if_rl can't handle the device; disallow webGUI passwords with colons (:) as mini_httpd has trouble handling them; fix broken captive portal sessions...." Here is the complete changelog. Download: cdrom-1.33b2.iso (17.5MB, SHA256).

Manuel Kasper has announced the availability of the first beta release of m0n0wall 1.33, a tiny FreeBSD-based operating system for firewalls: "m0n0wall 1.33b1 released. This beta version further improves IPv6 support (DHCP-PD, AICCU), adds user-customizable captive portal logout/status pages, fixes many small bugs and XSS vulnerabilities and contains updates for ipfilter and the Realtek driver as well as other small improvements. Changelog: updated ipfilter to 4.1.33; inbound NAT rules can now be added on the LAN interface with the WAN address as a target; replaced if_re driver by Realtek customized version to support RTL8111C (among others); IPv6 improvements; added support for user-customizable captive portal logout and status page, as well as a password change option for local CP users; added 'Bind to LAN' option for syslog, so you can syslog over a VPN tunnel...." See the project's beta versions page for the rest of the changelog. Download: cdrom-1.33b1.iso (17.7MB, SHA256).

Manuel Kasper has announced the release of m0n0wall 1.3, a minimalist firewall distribution based on FreeBSD: "After almost three years in beta, I have decided that m0n0wall 1.3 is now good enough for production. It's basically a re-release of 1.3b18, with two fixes thrown in. No major bugs have been reported any more, but as always, upgrade on your own risk. Major changes in this release (since 1.23): switched base operating system to FreeBSD 6.4; consolidated net45xx, net48xx and wrap images into a single 'embedded' image; switched bridge implementation to if_bridge - bridge member interfaces will now always be filtered; IPv6 support (enable on advanced setup page); firewall support for IPsec traffic; IPsec NAT-T, DPD and dynamic tunnels; countless bug fixes and other improvements." Read the release announcement and changelog for additional details. Download (MD5): cdrom-1.3.iso (17.5MB).

Manuel Kasper has released the seventeenth beta build of m0n0wall 1.3, a complete software firewall based on FreeBSD: "m0n0wall 1.3 beta is based on FreeBSD 6.x and has better hardware support than the FreeBSD 4.x based versions (up to version 1.23x), as well as a few new features. Changes: converted from BRIDGE to if_bridge, removed multi-interface bridge check and checkbox under Advanced for filtering bridge since member interfaces will now always be filtered; fixed a problem with ipnat refusing to create new RDR translation entries in the NAT table if a MAP entry exists for the same port; fixed problems when using advanced outbound NAT rules with destination matching; fixed DHCP lease page to only show the last lease for a given IP address; fixed for IPv6 pages in user/group manager...." Read the rest of the release notes for a full list of fixes and improvements. Download (MD5): cdrom-1.3b17.iso (17.4MB).

Manuel Kasper has released a new public beta build of m0n0wall 1.3, a FreeBSD-based firewall. What's new? "Opened firewall rules for link-local IPv6 addresses on optional and LAN interfaces; initial basic support for secondary IP addresses; added DHCPv6 support; added additional RA options for LAN and optional interfaces, required for DHCPv6; added all-servers option to dnsmasq and removed overlap check as having multiple nameservers per domain is a valid configuration; changed interface status page to list all IP addresses on an interface; allow RA support on WAN interface, and add feature to automatically suggest an IPv6 address for the LAN interface; added IPv6 support to mini_httpd (for the webGUI); allow IPv6 addresses for DNS servers on system: general setup page, and for hosts on the DNS forwarder setup page...." Visit the project's development page to read the complete changelog. Download (MD5): cdrom-1.3b16.iso (17.2MB).

Manuel Kasper has announced the release of m0n0wall 1.234, a minimalist firewall distribution based on FreeBSD: "I've decided to create one more release in the 1.2x stable branch to add source port randomization (for both NAT and the DNS forwarder). This is a recommended upgrade for all 1.2x users, no matter whether you're running a DNS server behind m0n0wall with NAT or not. Changelog: added source port randomization for ipnat; updated Dnsmasq to 2.45 (source port randomization); updated PHP to 4.4.9; bumped MFS size for firmware upgrades to 10 MB; changed ZoneEdit update server name to dynamic.zoneedit.com." Read the release announcement and changelog for further information. Download (MD5): cdrom-1.234.iso (5.78MB).

A new beta release of m0n0wall 1.3 was announced yesterday. The development changelog of the FreeBSD-based mini firewall lists the following improvements: "Added siproxd for transparent SIP proxying and masquerading and simple registrar service; added vr(4) driver VLAN fix (for ALIX, etc.); sisX interface names are now automatically changed to vrX when running on ALIX; added reset button driver for ALIX; upgraded ipfilter to 4.1.23; fixed FIN handling in ipnat FTP proxy; changed logo, license and footer to include registered trademark sign. m0n0wall 1.3b is based on FreeBSD 6.x and has better hardware support than the FreeBSD 4.x-based versions (up to version 1.23), as well as a few new features. However, it also has higher hardware requirements." Interested beta testers can download the CD image from here: cdrom-1.3b5.iso (8.3MB, MD5).

An updated version of the FreeBSD-based m0n0wall firewall has been released: "m0n0wall 1.23 released. m0n0wall 1.23 adds new features to the captive portal, updates all components to the latest versions and contains many fixes and other small improvements. It marks the last general release in the FreeBSD 4.x-based branch of m0n0wall." From the changelog: "Added support for hardware button on WRAP (if pressed during boot, it will trigger a reset to factory defaults); updated PHP to 4.4.6; updated default webGUI SSL certificate." Visit the project's home page to read the release announcement and to learn more about m0n0wall. Download: cdrom-1.23.iso (5.76MB, MD5).

The second beta of the m0n0wall firewall, version 1.3, is available for download and testing. Changes since beta 1: "enabled NAT-T support for IPsec VPN (enable via webGUI); compiled SNMP agent with support for memory usage information MIB; back-ported MSS clamping fix from MPD 4.0b5 to MPD 3.18 (fixes MTU problems with PPPoE client); enabled hostap for wireless cards supported by the ral(4) driver; forced PIO mode for ATA driver to work around problems with quirky hardware (IDE controllers, CF cards); automatic keyboard detection for generic-pc(-cdrom); fallback to serial console if no keyboard found; enabled AES for IPsec phase 1; Captive portal fix (jdegraeve): now always sends the session time in RADIUS accounting messages instead of only sending it within an Accounting-Stop." Please visit the project's development pages to find out more. Download: cdrom-1.3b2.iso (8.09MB, MD5).

The first beta of the FreeBSD-based m0n0wall firewall, version 1.3, has been released. What's new? "Changed base system to FreeBSD 6.2-RC1 (final 1.3 version will be based on FreeBSD 6.2-RELEASE); added support for new wireless features in FreeBSD 6; Atheros cards are finally supported; channel selection on interface setup page now reflects actual capabilities of card; wireless status page shows scanned APs in client mode and associated stations in hostap mode; WPA support is expected in the next release; the configuration may now also be stored on an USB memory stick (instead of a floppy disk); removed MTU option from Interfaces: WAN page; a rather intrusive kernel patch was required to make concurrent traffic shaping + NAT on the WAN interface possible." Read the full changelog on the project's beta page for more details. Download: cdrom-1.3b1.iso (8.14MB, MD5).

The first beta of the FreeBSD-based m0n0wall firewall, version 1.23, is ready for download and testing. What's new? "Added support for 3rd party extensions in the group management and dynamic menu system; changes in captive portal; do not generate anti-spoof rules for optional interfaces that have other interfaces bridged to them when the filtering bridge is on; updated base system to FreeBSD 4.11-RELEASE-p18; recompiled ipsec-tools without FreeBSD patch to use 'security' syslog facility instead of 'daemon'." Visit the project's beta page to find out more about the new release. Download from here: cdrom-1.23b1.iso (5.74MB, MD5).

The m0n0wall project has announced the release of m0n0wall 1.22: "m0n0wall 1.22 released! m0n0wall 1.22 adds role-based webGUI access, further improves the captive portal (especially its RADIUS handling) and includes several other small updates, fixes and improvements. m0n0wall is a project aimed at creating a complete, embedded firewall software package. m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities." Read the brief release announcement on the project's home page. Download: cdrom-1.22.iso (5.74MB, MD5).

m0n0wall, a tiny firewall and server based on FreeBSD, has been updated to version 1.21: "m0n0wall 1.21 released! m0n0wall 1.21 greatly improves the captive portal (better and more RADIUS options, file manager, stability), updates all components to the latest version and fixes several bugs." The release is based on 4.11-RELEASE-p13. Other changes include stability improvements to mini_httpd, captive portal RADIUS improvements, and various package updates (PHP 4.4.1, Dnsmasq 2.23). See the release announcement and changelog for a complete list of changes. Download: cdrom-1.21.iso (5.73MB, MD5).

Following a long series of beta releases, the developers of the FreeBSD-based m0n0wall firewall project have released version 1.2 final: "m0n0wall 1.2 released! m0n0wall 1.2 includes many new features as well as improvements to existing ones (captive portal, PPTP VPN, logging, DHCP relay, diagnostics, DynDNS updater, IPsec). Countless small changes have been made to make the webGUI even more useful, and many bugs have been fixed in all components. Most important changes in this release: IPsec certificate support; improved firewall rule handling in the webGUI; RFC 2136 DNS updater; more diagnostics pages (Traceroute, ARP, firewall states)...." Find more details in the release announcement and changelog. Download: cdrom-1.2.iso (5.66MB, MD5).

A new beta release of m0n0wall 1.2, a FreeBSD-based firewall, is now available. What's new? "Updated base system to FreeBSD 4.11-RELEASE-p11; upgraded PHP to 4.4.0, dhcpd to 3.0.3, racoon to 20050510a; removed psm0 from generic-pc / cdrom kernel config as there have been reports of exotic machines that lock up with it and it serves no use anyway; fixed bug on DNS forwarder page where sometimes the wrong entry would be edited / deleted; fixed name resolution on firewall logs page; fixed PPTP interface display on firewall logs page; redirect after clearing logs to avoid reposting on next refresh in browser...." Visit the m0n0wall beta page to read the complete list of changes. Download: cdrom-1.2b10.iso (5.77MB, MD5).

Development of the m0n0wall firewall continues with the 8th beta release: "This beta version is based on FreeBSD 4.11 and includes fixes to the captive portal, packet filter, NAT and other components." From the changelog: "Switched base system back to FreeBSD 4.11; merged ifstats.cgi and cpustats.cgi into stats.cgi; updated PHP to 4.3.11; only log the first passed packet, and not every packet in the same session; back out captive portal per-user bandwidth patches for the time being as they're buggy and not currently maintained; fix captive portal logout; return ICMP port unreachable instead of protocol unreachable (ipfilter default) for rejected UDP packets...." Download: cdrom-1.2b8.iso (5.7MB, MD5).

The latest development release of the m0n0wall firewall project is version 1.2b7. From the release notes: "Beta images are now digitally signed too; show lease start/end time on DHCP leases page in local time instead of GMT; added logging for the captive portal; changed the generic-pc HD standby timer feature to use ataidle; captive portal support for local user database; apply new version of captive portal RADIUS per-user bandwidth patches; updated wireless status page for FreeBSD 5.3 and ath; add some common 11a wireless channels as a temporary solution until we can query the actual list of available channels using ifconfig; ipfilter window scaling patch...." Download: cdrom-1.2b7.iso (7.23MB).

This is a new beta release of m0n0wall, a FreeBSD-based firewall. From the changelog: "Upgraded base system to FreeBSD 5.3; support Atheros based wireless cards; fixed: DHCP relay won't start automatically on reboot; fixed display of SSIDs with spaces in them on Status: Interfaces; turned on ipfw bridge filtering when the filtering bridge is on (traffic shaper); improved firewall rule selection (feedback with background color; the entire rule can be clicked to toggle the selection of a rule too); visual feedback on where rules would be moved when the mouse is over a rule move button; hidden config.xml option to override DNS servers that are assigned to PPTP VPN clients; IPsec: /0 remote network mask now allowed...." Download: cdrom-1.2b5.iso (7.22MB).

A new version of m0n0wall, an FreeBSD-based firewall, is under development: "Beta version 1.2b2 released. This beta version adds experimental OpenVPN support, a DHCP relay, dial-on-demand, ICMP type matching, better PPTP VPN logging, bigger filter state tables, and more." Some extracts from the changelog: "Dial-On-Demand for PPPoE and PPTP on WAN; added DHCP relay service; ICMP type matching for filter rules; PPTP VPN login/logout logging; captive portal: a unique/random session ID is now generated for RADIUS accounting, and MAC filtering can be disabled for special topologies (e.g. routed clients); RADIUS accounting port can be specified...." Those interested in participating in beta testing can download this release from here: cdrom-1.2b2.iso (5.38MB).

The FreeBSD-based m0n0wall firewall, version 1.1, has been released: "This second m0n0wall release adds several new features like captive portal support, 802.1Q VLAN and more, and fixes many bugs (not only in m0n0wall code, but also in software from other projects that is used in it)." See the changelog and the official announcement on the distribution's home page. Download: cdrom-1.1.iso. m0n0wall is a complete firewall software package based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities.